You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@guacamole.apache.org by GitBox <gi...@apache.org> on 2020/05/04 18:42:19 UTC

[GitHub] [guacamole-server] mike-jumper commented on a change in pull request #274: GUACAMOLE-1059: Use FreeRDP function for verifying Stream length

mike-jumper commented on a change in pull request #274:
URL: https://github.com/apache/guacamole-server/pull/274#discussion_r419647636



##########
File path: src/protocols/rdp/channels/rdpdr/rdpdr-fs-messages-file-info.c
##########
@@ -135,6 +135,10 @@ void guac_rdpdr_fs_process_set_rename_info(guac_rdp_common_svc* svc,
     wStream* output_stream;
     char destination_path[GUAC_RDP_FS_MAX_PATH];
 
+    /* Check stream size prior to reading. */
+    if (Stream_GetRemainingLength(input_stream) < 6)
+        return;

Review comment:
       Is it worth logging a warning when a received PDU is unexpectedly small? Should make it easier to trace down the cause of unexpected behavior due to RDP protocol violations.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org